Re: [LARTC] Traffic shaper based on UIDs
Hi, [EMAIL PROTECTED] wrote: ... But there is no filter based on unix user id (the reason is clear for everybody -- ip packet doesn't contain this information). I've found the very interesting netfilter patches at the patch-o-matic: ... There is no need for POM patches, you may use the owner match from iptables. (see: man iptables) Am I on the right way? How can I combine the power of netfilter and traffic control systems to solve my problem? ... You might match for each user and then set a mark or even classify directly by iptables. (see man, too) Howto mark: http://lartc.org/howto/lartc.qdisc.filters.html (9.6.2, fwmark) Btw.. there is no best (classful) qdisc, this varies on your needs. Nevertheless, I'd take htb because it's relativly simple to setup (personally I like hfsc though). You may just try them out. :) Bye, Andreas. ___ LARTC mailing list LARTC@mailman.ds9a.nl http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc
Re: [LARTC] Traffic shaper based on UIDs
Hello, Andreas! Yes, the owner match is great. But I can mark only outgoing packets this way. And as far as I know, traffic shaper needs to know who is the owner of the incoming packets to do the shaper job. And that's why it is required to patch the kernel, it seems to me. Have I misunderstood something? But I've recently sent to this mailing list another letter related to this problem. It seems to me, if each unix user would use the different IP address, it is not a problem to do the shaping. Thank you for your response. Hi, [EMAIL PROTECTED] wrote: ... But there is no filter based on unix user id (the reason is clear for everybody -- ip packet doesn't contain this information). I've found the very interesting netfilter patches at the patch-o-matic: ... There is no need for POM patches, you may use the owner match from iptables. (see: man iptables) Am I on the right way? How can I combine the power of netfilter and traffic control systems to solve my problem? ... You might match for each user and then set a mark or even classify directly by iptables. (see man, too) Howto mark: http://lartc.org/howto/lartc.qdisc.filters.html (9.6.2, fwmark) Btw.. there is no best (classful) qdisc, this varies on your needs. Nevertheless, I'd take htb because it's relativly simple to setup (personally I like hfsc though). You may just try them out. :) Bye, Andreas. ___ LARTC mailing list LARTC@mailman.ds9a.nl http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc -- Sincerely yours, Vitaly Repin Ice Brains Software, ltd ___ LARTC mailing list LARTC@mailman.ds9a.nl http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc
[LARTC] Traffic shaper based on UIDs
Hello! I need assistance to solve my problem related to traffic shaping based on the user ids. The problem: each unix user (of the linux host) has to be limited with incoming channel (internet) bandwidth. I need this to implement internet access solution based on ltsp (http://www.ltsp.org). As far as I know the best way to shape traffic in linux is CBQ. But there is no filter based on unix user id (the reason is clear for everybody -- ip packet doesn't contain this information). I've found the very interesting netfilter patches at the patch-o-matic: http://www.netfilter.org/patch-o-matic/pom-extra.html#pom-extra-owner-socketlookup http://www.netfilter.org/patch-o-matic/pom-extra.html#pom-extra-owner-supgids http://www.netfilter.org/patch-o-matic/pom-extra.html#pom-extra-ip_queue_vwmark Am I on the right way? How can I combine the power of netfilter and traffic control systems to solve my problem? I am new in this topic, so excuse me if my questions are too simple or dummy ::-) Thank you beforehand! -- Sincerely yours, Vitaly Repin Ice Brains Software, ltd ___ LARTC mailing list LARTC@mailman.ds9a.nl http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc